CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
IBM i versions 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege.
IBM Langflow OSS versions 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references.
Perry before version 0.5.1159 contains a path traversal vulnerability that allows a malicious build server to write arbitrary content to any location writable by the running process by supplying unsanitized path components in the artifact_name field of ArtifactReady WebSocket messages.
openSIS Classic 9.3 contains an insecure direct object reference vulnerability in the messaging module. Any authenticated user with access to the messaging module can request sent-message details by supplying an arbitrary mail_id value.
Boruta, an authorization server, prior to version 0.9.1, sets session cookies and the 'remember me' cookie without the Secure attribute. In HTTP connections, an attacker could intercept these cookies, leading to the ability to impersonate the user.
A path traversal vulnerability in Keras versions prior to 3.14.0 affects archive extraction utilities. The validation functions check paths against the current working directory (CWD) instead of the actual extraction destination, allowing bypass in environments like Docker, CI/CD, or Jupyter where CWD is '/', leading to arbitrary file writes.
A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process.
GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. Under certain conditions, an authenticated user could have added unauthorized email addresses to a targeted user's account due to improper sanitization of user-supplied input in certain group setting fields.
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. An attacker in the same local network can read arbitrary files from the server's operating system by manipulating HTTP request paths.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. Under certain conditions, this could have allowed an unauthenticated user to cause denial of service due to improper input validation in the API request parsing middleware.
GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. Under certain conditions, an authenticated user with the Owner role could take over another group member's GitLab account due to improper authorization in the Group SAML identity management functionality.
GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. Under certain conditions, an authenticated user with developer-role permissions could execute arbitrary client-side code on behalf of a targeted user due to improper input sanitization in the Analytics Dashboard.
A vulnerability in vLLM versions 0.8.0 and later allows a DoS attack via memory exhaustion. The `VideoMediaIO.load_base64()` method does not limit the number of video frames when processing `video/jpeg` data URLs, enabling an attacker to send a request with thousands of encoded frames, causing server crash.
Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add() handler attempted to remove an attacker-supplied id from $params before normalizing the request.
CVE-2023-33999 describes improper neutralization of input during web page generation, leading to a 'cross-site scripting' (XSS) vulnerability in the WPVibes WP Mail Log plugin. This issue affects versions from n/a to 1.0.2.
The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can cause security annotations to be ignored at runtime if used for authorization decisions.
A vulnerability in Spring for GraphQL allows Cross-Site WebSocket Hijacking, where an attacker can trick an authenticated user into visiting a malicious page. This enables arbitrary GraphQL operations to be executed with the victim's credentials.
Spring for GraphQL is vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Execution when the application exposes a paginated (Connection) field and the classpath contains specific classes.
A vulnerability in Spring WS allows outbound connections to unverified addresses when non-anonymous ReplyTo or FaultTo addresses are used. This may lead to unauthorized access to external resources.
CVE-2026-40998 affects the Jaxp13XPathTemplate component, which evaluates XPath expressions for StreamSource and SAXSource inputs using the default DocumentBuilderFactory behavior of the JDK. This could lead to XML External Entity (XXE) attacks in applications processing untrusted XML data.

